Sharing Pandemic Vaccination Certificates through Blockchain: Case Study and Performance Evaluation

Hindawi
Wireless Communications and Mobile Computing
Volume 2021, Article ID 2427896, 12 pages
https://doi.org/10.1155/2021/2427896

Research Article
Sharing Pandemic Vaccination Certificates through Blockchain:
Case Study and Performance Evaluation

         José L. Hernández-Ramos, Georgios Karopoulos, Dimitris Geneiatakis, Tania Martin,
         Georgios Kambourakis, and Igor Nai Fovino
         European Commission, Joint Research Centre, Ispra 21027, Italy

         Correspondence should be addressed to José L. Hernández-Ramos; jose-luis.hernandez-ramos@ec.europa.eu

         Received 3 June 2021; Accepted 2 August 2021; Published 26 August 2021

         Academic Editor: Wenjuan Li

         Copyright © 2021 José L. Hernández-Ramos et al. This is an open access article distributed under the Creative Commons
         Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work
         is properly cited.

         During 2021, different worldwide initiatives have been established for the development of digital vaccination certificates to alleviate
         the restrictions associated with the COVID-19 pandemic to vaccinated individuals. Although diverse technologies can be
         considered for the deployment of such certificates, the use of blockchain has been suggested as a promising approach due to its
         decentralization and transparency features. However, the proposed solutions often lack realistic experimental evaluation that
         could help to determine possible practical challenges for the deployment of a blockchain platform for this purpose. To fill this
         gap, this work introduces a scalable, blockchain-based platform for the secure sharing of COVID-19 or other disease vaccination
         certificates. As an indicative use case, we emulate a large-scale deployment by considering the countries of the European Union.
         The platform is evaluated through extensive experiments measuring computing resource usage, network response time, and
         bandwidth. Based on the results, the proposed scheme shows satisfactory performance across all major evaluation criteria,
         suggesting that it can set the pace for real implementations. Vis-à-vis the related work, the proposed platform is novel, especially
         through the prism of a large-scale, full-fledged implementation and its assessment.

1. Introduction

The World Health Organization (WHO) declared COVID-19 a pandemic on March 11th, 2020. This disease is caused by the severe acute respiratory syndrome coronavirus 2 (SARS-CoV-2) which was initially detected at the end of 2019 in the city of Wuhan, China [1]. Since then, the disease has spread unhindered worldwide. Besides the obvious health consequences, the socioeconomic impact is already notable in many countries globally. Indeed, the drastic—and sometimes controversial—measures to curb the spread, including social distancing and curfew, have already changed our daily behavior. Furthermore, recent economic analysis [2] predicts that many countries will not recover their economic levels of 2019 until 2022. These forecasts may vary based on the evolution of the pandemic during 2021.

To defend against the COVID-19 pandemic, several initiatives and actions have been hitherto undertaken, including rapid diagnosis and isolation of infected people, as well as the creation of digital contact tracing frameworks [3, 4]. However, the second COVID-19 wave during the fall of 2020 and the successive outbreaks during 2021 showed that these measures are insufficient, especially when they are abruptly relaxed. Therefore, the sheer objective has been the development of effective and safe vaccines to be rolled out globally. Indeed, numerous efforts were initiated during 2020 involving medical institutions, pharmaceutical companies, and research centers worldwide to get a vaccine at unprecedented speed. At the end of May 2021 [5], there were 101 and 184 vaccines in clinical and preclinical development, respectively.

While the realisation of vaccines represents currently the main objective to terminate the pandemic, their manufacturing, distribution, and deployment are also associated with important challenges. First, logistics, storage, and transport requirements, say, regarding the temperature of
preservation, impose strong pressure on the supply chain to ensure global access to vaccines in a timely manner [6, 7]. Therefore, data transparency is the key to foster a secure monitoring of the epidemiological and vaccination situation in a certain region. Second, the vaccination process is being prioritised for certain population groups according to different aspects, such as age, health condition, and profession. Furthermore, the rate of vaccinations varies depending on the country [8]. Hence, immune and vulnerable people will live together during a certain period of time. Such a situation could be prolonged in case the virus that causes COVID-19 becomes endemic [9]. In this context, the use of digital vaccination certificates could help alleviate the burden on health systems, as vaccinated people would not need to perform viral tests, which are currently required to, say, travel to different countries. Unlike the current paper version of vaccination certificates, namely, the International Certificate of Vaccination or Prophylaxis (ICVP), these digital documents would allow a far more scalable solution along with a faster and more secure verification process [10].

Blockchain technology has been already identified as a promising approach to combat the pandemic in distinct scenarios, such as early detection of outbreaks, medical supply chain, or donation tracking [11, 12]. In the same mindset, the creation of a blockchain platform to share information about the pandemic would increase transparency, interoperability, and accountability, so that potential discrepancies among data from different sources, say, medical centers or governments, could be avoided. This would foster a more trustworthy reporting and monitoring of the pandemic evolution considering diverse territories and countries. Furthermore, such a platform would increase citizens’ trust in the vaccination process, as the information related to vaccines could be publicly available [13].

The work at hand analyses the key requirements to build a scalable platform for sharing vaccination data and the advantages of blockchain for the realisation of such a platform. We focus on the scenario of vaccination certificates that can be generated after a citizen is vaccinated and how blockchain could aid in maintaining such information towards enabling a secure and privacy-aware verification process. Furthermore, unlike existing approaches that do not offer experimental results or consider small-scale deployment scenarios [14–17], we provide a comprehensive performance evaluation of the proposed platform by considering the vaccination of the EU population and 27 blockchain nodes, representing each member state (MS) in the EU. We meticulously assess our platform under different realistic network conditions, including latency and bandwidth, in an emulated infrastructure. To our knowledge, this is the first work to offer an estimation of the performance requirements associated with a blockchain-based platform for vaccination data in a large scale. Furthermore, we discuss practical aspects and security considerations for a large-scale deployment of the intended platform, along with potential regulatory implications of vaccination certificates.

The structure of this paper is as follows: the next section describes other works using blockchain technology for COVID-19-related certificates. Section 3 elaborates on the needs for sharing COVID-19 information, as well as the advantages provided by blockchain for this purpose. Furthermore, Section 4 provides insights into the definition of digital vaccination certificates. The proposed blockchain platform for the registration and validation of digital vaccination certificates is described in Section 5. The results derived from the platform’s evaluation are described in Section 6. Finally, Section 7 concludes our work with an outlook of potential future research directions.

2. Related Work

Since the beginning of the COVID-19 pandemic, different initiatives have been proposed for the implementation of COVID-19 certificates, so that individuals granted with such credentials could be exempt from physical restrictions to carry out certain activities in their daily life [18]. Indeed, based on our analysis of existing literature, three different types of COVID-19-related certificates can be identified: (a) vaccination certificates, referring to whether a person has received the vaccine or not; (b) diagnostic test certificates, demonstrating that a person has undergone a test; and (c) immunity certificates or immunity passports, implying that a person has developed antibodies after being infected. As shown in Table 1, some proposals support more than one type of certificates, while only a few of them provide an actual implementation, although in a small scale.

In the case of vaccination certificates, the authors of [19] focus on privacy aspects and propose a hashing algorithm that enables users to store the information on the blockchain anonymously using an ID that is created from their iris. In this case, the vaccination certificate data and a hash of the user ID are stored on the blockchain. This could imply a potential issue since it would demand very high storage requirements of the blockchain nodes. This could be exacerbated in the case of populous or multiple countries using the same blockchain.

Furthermore, other works address several kinds of certificates. In particular, both vaccination and immunity certificates are considered by [15], which is based on Verifiable Credentials (VC) [22] as digital IDs, the decentralised data storage platform Solid [23], and a consortium Ethereum-based blockchain [24]. In a similar direction, [16] uses Ethereum smart contracts, Self-Sovereign Identity (SSI), and InterPlanetary File System (IPFS) to store medical tests and travel history in a decentralised manner. In addition, [14] addresses all the different types of certificates by integrating the use of VCs in a blockchain implementation called uPort [25], which provides SSI aspects on top of the Ethereum platform.

The authors of [20] introduce the concept of digital health passports, which is similar to the diagnostic test results required for travelers in certain cases. It is based on a private blockchain using the proof-of-authority consensus mechanism, where the test results are registered and stored.

For immunity certificates, the work of [17] presents SecureABC, a privacy-oriented protocol based on public key cryptography. This proposal does not use blockchain, and the certificates can be either paper- or app-based. As a
consequence, if the paper certificate or the mobile device is lost, so are the respective certificates. In [21], the concept of COVID-19 immunity certificates is based on a government-run blockchain, in which the information related to testing facilities and hospitals is also included. Furthermore, [10] proposed the use of VCs and Decentralized Identifiers (DID) [26] to link individuals’ identity with their certificates. However, further details about implementation/deployment aspects are not given.

Table 1: Related work on COVID-19 certificates.

Scheme   Vaccination   Diagnostic test   Immunity   Blockchain   Benchmarks
[19]     ✓                                          ✓            —
[15]     ✓                               ✓          ✓            Small scale
[16]     ✓                               ✓          ✓            Small scale
[14]     ✓             ✓                 ✓          ✓            Small scale
[20]                   ✓                            ✓            —
[17]                                     ✓                       Small scale
[21]                                     ✓          ✓            —
[10]                   ✓                 ✓                       —

In spite of recent efforts, only a few of these works present technical details or proof-of-concept implementation including evaluation results. For instance, they rather provide simple short high-level descriptions of the proposed solutions, or unconvincing benchmarks, limited to a small number of simultaneous requests, thus being far from real-world deployment scenarios. In contrast, our work tackles this problem through a comprehensive evaluation of a benchmark that includes 27 blockchain nodes (one node for each EU country) by considering different aspects, such as computing resource usage, network response time, and bandwidth. As highlighted by [12], even if the potential of blockchain to combat the COVID-19 pandemic has been reported by several works, there is a lack of studies related to latency and scalability aspects, which are key aspects for the deployment of this technology. Furthermore, our work concentrates on vaccination certificates, influenced by the views of WHO on immunity passports: “...there is not enough evidence about the effectiveness of antibody-mediated immunity to guarantee the accuracy of an ‘immunity passport’.” Another aspect driving us to this direction is that vaccination certificates will incite people to get vaccinated, while immunity certificates could motivate individuals to get infected for possessing the necessary antibodies.

3. Managing COVID-19 Information through Blockchain

The global deployment of COVID-19 vaccines sets out unprecedented challenges to be addressed in the period ahead, including an efficient supply chain and effective monitoring of vaccination coverage in a certain region. Indeed, in the case of two-shot vaccines, more than 15 billion vaccines would be required to be distributed and deployed worldwide. Furthermore, the distribution of additional shots could be required depending on the immunity period provided by a certain vaccine or in case the virus that causes COVID-19 becomes endemic [9]. In this context, the WHO established the COVAX program together with Gavi and the Coalition for Epidemic Preparedness Innovations to facilitate equitable access and distribution of future vaccines, while those people most at risk are prioritized. COVAX is part of the global ACT Accelerator initiative that is designed to enhance the resources for COVID-19 tests, treatments, and vaccines.

At the European level, the Commission published in Oct. 2020 a document on COVID-19 vaccination strategies and vaccine deployment for the 27 MS [27]. This document established the need to define a common strategy for the vaccination process, promoting coordination and collaboration among EU countries. One of the main goals of this strategy is to increase the acceptance of COVID-19 vaccines. Actually, recent studies reveal that a significant part of the population would not be willing to be vaccinated against the COVID-19 disease [13]. To address this issue, there is a need for an effective, consistent, and transparent communication of information related to COVID-19 vaccines and the vaccination process itself. As described in [27], the sharing of pandemic-related information among MS would cater for a better monitoring of the different vaccines under development, including data on possible side effects, which would be made readily available to the relevant authorities. Furthermore, this information could include data on the transport and distribution of vaccines to enable real-time monitoring and improve the supply chain process by considering the specific needs of each vaccine.

Moreover, vaccination campaigns have been carried out by considering different aspects (e.g., age or medical condition) established by organisations such as the WHO’s Strategic Advisory Group of Experts on Immunization to prioritize the vaccination for certain groups of people. Therefore, currently a large part of the population is still vulnerable to COVID-19. This situation is especially exacerbated in developing countries [8]. Furthermore, depending on the immunity period of each vaccine, the immunity of a certain person could come to an end at a certain point in time. Beyond the information on vaccines, the easy sharing of these vaccination data would improve the monitoring of the epidemiological situation of a territory and the vaccination coverage among different population groups. In fact, monitoring these aspects can make the vaccination strategy more flexible to be adapted in a certain region or country [27].

For the realisation of this COVID-19 data sharing platform, blockchain technology has been postulated in different related scenarios, including contact tracing and outbreaks, where information sharing is essential [28]. Blockchain is based on a distributed ledger that is shared by a set of entities. The ledger contains a list of immutable transactions that are validated by the participating entities through a consensus mechanism. Furthermore, a blockchain can be permissionless (any entity can participate) or permissioned (participation is limited to a set of entities). The development of a blockchain-based platform offers a high degree of transparency and accountability, fostering a trustworthy environment for the sharing of COVID-19 data.

Thus far, the use of blockchain to fight against the COVID-19 pandemic has been proposed for several use cases, including the distribution and delivery of vaccines, recording of patients’ data, preventing fake news, registration of testing and reporting, and the distribution of medicines and healthcare equipment [11, 28–31]. While a blockchain platform for sharing pandemic data could help in distinct scenarios, we focus on the registration and verification process of the data associated with a vaccinated citizen. The envisioned platform will enable a trusted ecosystem to track the deployment of vaccines in a certain region and consider priority groups. That is, blockchain inherently supports decentralisation and data replication (data from all countries are replicated to all other countries), deterring issuance of fraudulent vaccination certificates as well. For this purpose, we examine the concept of digital vaccination certificates that could be demonstrated by citizens to carry out certain activities without the need of diagnostic tests. The following sections describe the design and architecture of a blockchain platform for digital vaccination certificates, as well as a thorough evaluation where each MS is represented by a blockchain node.

4. Digital Vaccination Certificates

Digital vaccination certificates can be viewed as a digital version of the ICVP certificates created by WHO that show a person’s vaccines and the date they were received. For the representation of such a certificate, there is a need to identify which specific information should be included, so that they can be used across the world. Such certificates should be interoperable globally, as well as supported by identity management techniques to unequivocally link the vaccination of citizens with their identity; in this way, the resulting certificate will be verifiable, scalable, and privacy-preserving.

The European Commission proposed a Digital Green Certificate in March 2021 [32] to facilitate safe and free movement inside the EU during the COVID-19 pandemic. Furthermore, the eHealth Network, which provides a platform of EU MSs’ competent authorities dealing with eHealth, has recently described a set of guidelines on verifiable vaccination certificates, including trust and interoperability aspects. Precisely, [33] identifies a minimum dataset with the essential pieces of information to be embedded in the certificate, including person identification (e.g., citizen ID), vaccination information (e.g., vaccine manufacturer), and certificate metadata, such as issuer and validity period.

Other worldwide initiatives have been established for the development of digital vaccination certificates. In particular, the WHO Smart Vaccination Certificate Working Group [34] is intended to define standard specifications for digital vaccination certificates based on an architecture linking national and cross-border digital systems. Furthermore, the IATA Travel Pass Initiative [35] provides a mobile app to be used by travelers to store and manage their verified certifications for COVID-19 tests or vaccines. Another relevant effort is represented by the Certify.health initiative [36], which concentrates on the development of a privacy-by-design COVID-19 status certificate that will be extended into vaccination certificates.

For the representation of digital vaccination certificates, several formats could be considered. For example, [33] mentions QR codes and Verifiable Credentials (VC), which have been also considered by recent research proposals, as described in Section 2. The use of VC (together with DIDs) is intended to realize the vision of Self-Sovereign Identity (SSI), which has emerged as a decentralised alternative to traditional centralised identity management (IdM) systems. A VC represents a digital version of a paper certificate in which a certain entity (issuer) asserts certain information (claims) about a subject in a way that can be verified by other entities (verifiers). A VC is usually employed together with a DID, which is an identifier under the control of a DID subject that indicates a DID method and a specific identifier of such method. DIDs are registered in a Verifiable Data Registry (VDR), such as blockchain, and are intended to foster a decentralised authentication process.

It should be noted that the use of VCs in the context of the COVID-19 crisis has been fostered by the COVID-19 Credentials Initiative [37], which groups around 100 organisations to support efforts of using VCs to mitigate the spread of the virus.

While it is not the focus of our work, Figure 1 shows an example of VC that includes certain claims based on ongoing discussions about the use of VCs for vaccination certificates. In our example, we have considered that the validity of the certificate is associated with the period during which this vaccination is effective, taking into account that two shots are required. In particular, the context establishes a common language for referring to the attributes and values contained in the VC. Also, for our example shown in the figure, the URI https://covid-19-vaccination-certificate.org/v1 indicates that the communication is about vaccination certificates. Furthermore, the id and type fields are used to identify the VC and indicate its type. Moreover, the issuer represents the entity that issued the VC and it makes reference to the medical center, which provided the vaccine. In this case, it is described through a DID that could be included in the blockchain, so that verifiers can use this information to validate the VC. This field can also indicate the type and name of the issuer, as well as its URL for more information. Besides, the issuanceDate and expirationDate indicate the validity of the certificate that is associated with the immunity period provided by the vaccine. Also, the credentialSubject represents the entity on which the claims are made, i.e., the
individual getting vaccinated, that includes the personal data about the user. In addition, the claim injection is used to describe which specific injection is being provided, including the vaccine and vaccination date. This information could be used to track the vaccines and injections being provided and may help with the management of the supply chain. Finally, the field proof makes reference to the cryptographic technique (typically a digital signature) that is used by the issuer to make the VC tamper-resistant.

    {
        "@context": [
            "https://www.w3.org/2018/credentials/v1",
            "https://covid-19-vaccination-certificate.org/v1"
        ],
        "id": "https://covid-19-vaccination-certificate.org/credentials/JohnDoe",
        "type": [
            "VerifiableCredential",
            "VaccinationCertificate"
        ],
        "issuer": {
            "id": "did:web:vc.brussels.vaccination.centre",
            "location": {
                "type": "MedicalCenter",
                "name": "BrusselsVaccinationCentre",
                "url": "https://brussels-vaccination-centre.org/"
            }
        },
        "issuanceDate": "2020-01-31T14:30:23",
        "expirationDate": "2020-07-31T14:30:23",
        "name": "VaccinationCertificate",
        "description": "Electronic document certifying that the subject fulfilled the COVID-19 vaccination procedure.",
        "credentialSubject": {
            "id": "did:key:subject_key_value",
            "type": "VaccinationCertificateSubject",
            "givenName": "John",
            "familyName": "Doe",
            "birthDate": "1979-05-28",
            "image": "data:image/png;base64,image_value"
        },
        "injection": {
            "id": "injection_id",
            "type": "VaccinationCertificateInjection",
            "name": "vaccine_name",
            "issuanceDate": "2020-01-10T11:15:46"
        },
        "proof": {
            "type": "Ed25519Signature2018",
            "created": "2020-01-31T14:30:23",
            "jws": "JSON_Web_signature_value",
            "proofPurpose": "assertionMethod",
            "verificationMethod": "did:web:vc.brussels.vaccination.centre#additional_id_value"
        }
    }

Figure 1: Example of a potential vaccination certificate based on VCs [22].

While the design of an interoperable approach for the definition of digital vaccination certificates is still under discussion, in our approach, only a hash digest of such a credential will be stored in the blockchain platform. In this way, the proposed platform will be agnostic both of the vaccination certificate presentation format and of the data format being considered. The details of such a platform are described in the subsequent section.

5. Vaccination Certificate Scenario

For the development of the proposed blockchain platform, we consider the architecture in Figure 2. Naturally, the

[Figure 2 diagram: the vaccination blockchain (blockchain node 1, node 2, ..., node 27); the NMC (issuer) generates and signs the vaccination certificate and registers the certificate hash; the citizen presents their identity and holds the vaccination certificate; the verifier service validates the NMC signature and verifies the certificate hash (validation OK).]

                       Figure 2: Overview of the proposed blockchain-based vaccination certificate platform.
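The register and verify flows of Figure 2, sketched as an added example (not the authors' implementation): an in-memory stand-in for the ledger stores only SHA-256 digests and rejects transactions that are not endorsed by the MS they claim to come from. The canonical JSON form, the `ToyLedger` class, the MS identifiers and keys, and the use of HMAC in place of the MS node's digital signature are all assumptions; validation of the NMC's signature on the credential is left out.

```python
import hashlib
import hmac
import json

# Constructed sample credential, loosely shaped like the Figure 1 excerpt.
SAMPLE_CERT = {
    "type": "VaccinationCertificate",
    "injection": {
        "id": "injection_id",
        "type": "VaccinationCertificateInjection",
        "name": "vaccine_name",
        "issuanceDate": "2020-01-10T11:15:46",
    },
    "proof": {"type": "Ed25519Signature2018", "jws": "JSON_Web_signature_value"},
}


def canonical_bytes(cert):
    """Assumed canonical form: sorted keys, no optional whitespace, UTF-8."""
    return json.dumps(cert, sort_keys=True, separators=(",", ":"),
                      ensure_ascii=False).encode("utf-8")


def cert_digest(cert):
    """SHA-256 digest that the NMC registers and the verifier recomputes."""
    return hashlib.sha256(canonical_bytes(cert)).hexdigest()


class ToyLedger:
    """In-memory stand-in for the permissioned ledger; it stores digests only."""

    def __init__(self, ms_keys):
        # MS node id -> key. HMAC stands in for the node's digital signature.
        self._ms_keys = dict(ms_keys)
        self._digests = {}  # digest -> MS node that registered it

    @staticmethod
    def endorse(key, ms_id, digest):
        msg = f"{ms_id}|{digest}".encode("utf-8")
        return hmac.new(key, msg, hashlib.sha256).hexdigest()

    def register(self, ms_id, digest, tag):
        key = self._ms_keys.get(ms_id)
        if key is None:
            return False  # unknown node: not an authorised MS
        if not hmac.compare_digest(self.endorse(key, ms_id, digest), tag):
            return False  # not endorsed by the MS it claims to come from
        self._digests.setdefault(digest, ms_id)
        return True

    def lookup(self, digest):
        return self._digests.get(digest)


def verify_presented(ledger, presented):
    """Verifier service: parse the presented bytes, re-canonicalise, hash, look up."""
    try:
        cert = json.loads(presented.decode("utf-8"))
    except (UnicodeDecodeError, json.JSONDecodeError):
        return None
    if not isinstance(cert, dict):
        return None
    return ledger.lookup(cert_digest(cert))


def demo():
    keys = {"MS-A": b"constructed-key-A", "MS-B": b"constructed-key-B"}
    ledger = ToyLedger(keys)
    digest = cert_digest(SAMPLE_CERT)
    registered = ledger.register(
        "MS-A", digest, ToyLedger.endorse(keys["MS-A"], "MS-A", digest))

    # MS-B tries to register a digest in MS-A's name, endorsed with its own key.
    other = hashlib.sha256(b"constructed other certificate").hexdigest()
    cross = ledger.register(
        "MS-A", other, ToyLedger.endorse(keys["MS-B"], "MS-A", other))

    # The wallet presents the same credential, re-serialised with indentation.
    pretty = json.dumps(SAMPLE_CERT, indent=4).encode("utf-8")

    # A credential whose vaccine name was altered after registration.
    tampered = json.loads(pretty)
    tampered["injection"]["name"] = "other_vaccine"

    return {
        "registered": registered,
        "cross_ms_rejected": not cross,
        "verified_by": verify_presented(ledger, pretty),
        "raw_bytes_hash_found": ledger.lookup(hashlib.sha256(pretty).hexdigest()),
        "tampered_found": verify_presented(ledger, json.dumps(tampered).encode("utf-8")),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(name, value)
```

Because only the digest is on the ledger, issuer and verifier must agree on the exact byte representation that is hashed; hashing the presented bytes as received stops matching as soon as a wallet re-serialises the credential.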

depicted architecture does not reflect the reality of any decision made at the EU level, but it solely serves as a proof of concept for evaluation purposes. The architecture includes the vaccination permissioned blockchain where blockchain nodes in each MS are the only authorised entities to store vaccination information.

Each of the 27 MSs can designate a blockchain client node (which can be represented by a national health authority, say, the Ministry of Health) to interact with the blockchain. This entity is also responsible for designating a set of national medical centers (NMC) to generate vaccination certificates associated with already vaccinated people. These certificates will be validated by verification centers, which represent any organisation, public or private (e.g., airport or public administration building), that needs to verify the vaccination status of an individual.

The blockchain is used to store all relevant information about the vaccination process, including the registration of NMC. The registration of these entities can be performed by the national health authorities, which represent the blockchain nodes of their MS, by using smart contracts. Furthermore, the blockchain will simply contain a hash digest of the vaccination certificate per citizen that will be generated during the registration process and used later to facilitate the process of verifying their vaccination status. It is noteworthy that the registration and verification processes analysed below are only illustrative examples of how our scheme can be used to manage vaccination certificates, while these processes are considered for evaluation purposes in the next section.

During the registration process, citizens go to an NMC, where they present a valid identity document, to get vaccinated. For this purpose, the citizen may use a VC through a digital wallet app on their smartphone (as proposed by [10]) or other more traditional approaches based on X.509 certificates. A physician performs the vaccination, and the corresponding certificate is generated. As described in Section 4, this certificate may contain information about the vaccine itself, as well as data about the specific dose to facilitate the management of the supply chain. Furthermore, the citizen’s identity shown at the beginning of the process can be embedded in the credential. Assuming a two-shot vaccine, this credential may demonstrate that the citizen received the first shot, so it can be used in the process of administering the second one, or that they are immune as they already received both shots. The NMC, or the physician
on its behalf, digitally signs the certificate to guarantee its validity and sends this credential to the citizen, say, through a smartphone app, so that they can maintain control of how the certificate is used. It should be noted that the process of sending the vaccination certificate is done through a secure channel by using well-known approaches, such as Transport Layer Security (TLS). Furthermore, the certificate could be encrypted before being stored in the user’s smartphone to protect the credentials while at rest. Moreover, a hash digest (e.g., by using SHA-256) of the certificate is generated and stored on the blockchain. The NMC sends this hash to the MS’s blockchain node that is responsible for registering it on the EU vaccination blockchain. Additionally, an encrypted version can be stored in the InterPlanetary File System (IPFS) [38] or another repository, so that the vaccination certificate can be recovered by the citizen in case of losing their smartphone. Again, such processes are carried out by using renowned approaches, such as TLS to protect the data in transit.

After citizens have received a certificate, they can use it to access certain places that require proof of citizens’ vaccination status, such as an airport or public administration building. During the verification process, citizens present their certificate to a verifier service. This service creates a hash digest of the provided certificate that is verified against the hash stored in the blockchain. For this process, the verifier service contacts the country’s blockchain node that is in control of performing the verification on the EU vaccination blockchain. Like in the issuance procedure, this process is performed through well-known security mechanisms, such as TLS. Furthermore, the verifier service validates the signature created by the NMC to confirm that the credential was generated by an approved entity. Additionally, it checks the validity of the citizen’s identity to ensure that they are indeed the person associated with the credential presented.

Alternatively, citizens are empowered to show a subset of their identity attributes by using zero-knowledge proofs (ZKPs) to access certain places that only require confirmation of a person’s vaccination status but do not need personal data. For example, in the case of VCs, the holder of a certain credential is enabled to combine several VCs from different issuers and selectively disclose specific claims composing a certain VC. However, this aspect is outside the scope of this work. Indeed, as described in the next section, the evaluation of our platform is focused on the performance requirements from the perspective of the blockchain implementation to register and verify vaccination certificates. Nevertheless, it should be noted that the proposed blockchain platform is intended to serve as a decentralized approach to manage vaccination information and to be integrated with SSI approaches, such as VCs, for the sake of providing privacy-preserving features. Furthermore, as already mentioned, only a hash of the vaccination certificate is stored on the blockchain, and an encrypted version of such a certificate is stored on an off-chain repository (IPFS), so that users’ sensitive data is never disclosed to external entities. Therefore, citizens are enabled with the ownership of their data to manage their vaccination certificates. The integration of the proposed platform with SSI approaches, such as VCs and DIDs, will enable a more advanced privacy-preserving approach for the issuance and verification processes through the integration of ZKPs in the whole ecosystem.

Table 2: Network evaluation of registering and verifying vaccination certificates using blockchain.

Step       TPS    Response time (msec)    Peer bandwidth (kB)    Ordering bandwidth (kB)
Register   1      84                      395                    636
Register   2      81                      419                    825
Register   4      78                      457                    2019
Register   8      87                      516                    3644
Register   16     109                     588                    4938
Register   28     133                     700                    6019
Verify     1      91                      394                    701
Verify     2      87                      415                    1123
Verify     4      83                      447                    1788
Verify     8      94                      495                    2153
Verify     16     117                     553                    5069
Verify     28     153                     639                    8122
Verify     50     168                     671                    5919
Verify     100    189                     804                    12109

6. Evaluation

6.1. Testbed. To evaluate our proposal, we rely on the Experimental Platform for Internet Contingencies (EPIC) [39]. EPIC is an emulation testbed based on the Deter software [40, 41] for studying the security and stability of distributed systems. The use of emulation-based testbeds in cybersecurity is well established [42–44] and ensures repeatability and measurement accuracy. Furthermore, this approach was chosen for the sake of overcoming the major difficulties that arise while trying to simulate the behaviour of ICT components under stress, attacks, or failures. The infrastructure of EPIC comprises 356 experimental nodes, 8 switches, and a few pieces of special equipment, such as programmable logical controllers.

Overall, the setup relies on the deployment of Hyperledger Fabric on an emulated network in EPIC and implements the proposed architecture shown in Figure 2. It is assumed that the European health authorities, which are considered trusted, provide the “ordering” services, while each MS is a “peer” node in the Hyperledger Fabric terminology. This emulated 1 Gbps blockchain network comprises 27 nodes corresponding to the current EU MS with a network latency of 3 msec.

The ordering services comprise the following: ZooKeeper (3 instances), Kafka (4 instances), and orderer (3 instances). Their main purpose is to sort the messages/requests exchanged among the participants. Each instance of a given service runs on a different machine for supporting failover of the ordering services. This setup ensures ordering service availability as long as at most one instance of each service is in the fail status. The peer nodes are managed by the MSs for endorsing the transactions proposed by the clients. They also receive the ordered blocks of transactions

[Figure 3 plot: CPU (%) versus transactions per second (1, 2, 4, 8, 16, 28) for the CouchDB, Peer, Smart contract, REST, ZooKeeper, Orderer, and Kafka services.]

Figure 3: Dockerised services’ CPU utilisation considering different TPS for registering new vaccination certificates in a blockchain system.

[Figure 4 plot: Memory (%) versus transactions per second (1, 2, 4, 8, 16, 28) for the CouchDB, Peer, Smart contract, REST, ZooKeeper, Orderer, and Kafka services.]

Figure 4: Dockerised services’ memory utilisation considering different TPS for registering new vaccination certificates in a blockchain
system.

from the ordering service to maintain their local copy of the ledger. The following services of a MS node are hosted on a single machine:

   (1) CouchDB: a database that maintains the valid transactions of the blockchain and allows content-based JSON queries

[Figure 5 plot: CPU (%) versus transactions per second (1, 2, 4, 8, 16, 28, 50, 100) for the CouchDB, Peer, Smart contract, REST, ZooKeeper, Orderer, and Kafka services.]

  Figure 5: Dockerised services’ CPU utilisation considering different TPS for verifying vaccination certificates in a blockchain system.

   (2) Peer: a core service in the Hyperledger Fabric architecture storing the ledger and validating the transactions

   (3) Certificate authority: this provides digital certificates to the participants of the MS node

   (4) Smart contract: this implements basic functionalities such as user access control and message conformity

   (5) Application interface: this interacts with the blockchain. It is implemented as a representational state transfer (REST) service and accomplishes all the interactions on behalf of the national health centers for committing a transaction in the blockchain network

As each MS acts independently, we deploy a single disjunctive (“OR”) policy among the participants, meaning that a transaction originating from a MS is only validated by the originating MS. What the system checks is whether the submitted transaction bears a valid digital signature from the MS blockchain node. This also means that any transaction stemming from a MS on behalf of another MS will be rejected by the blockchain.

All ordering and peer services are configured and executed using the corresponding Docker images with the standard deployment options. Moreover, all the underlying network communications among the participants (clients, peers, and the ordering service) are securely protected by Transport Layer Security (TLS). The certificates and private keys for both TLS and the blockchain services are generated during the blockchain network initialisation procedure, according to the Hyperledger Fabric specifications.

6.2. Results. We evaluate the adequacy of deploying our proposal in a real, large-scale architecture, concentrating on two fundamental provisioned services, namely, vaccination registration and verification. The focus is on user experience in terms of request round-trip time, i.e., the time required for receiving a response after submitting a request, and the utilisation of system resources, i.e., CPU, memory, and network bandwidth.

For the registration process, we consider the maximum number of transactions required to get all European citizens vaccinated in one year. According to Eurostat, the EU-27 population is ≈447.5 M inhabitants [45]. Thus, assuming that a vaccine requires two doses, that is, two blockchain transactions, a total of 28 transactions per second (TPS) will be required in the worst case. Table 2 summarises the average latency perceived when registering or verifying a vaccination certificate in the blockchain, as well as the bandwidth consumed by both the peer and the ordering nodes. As observed, the response time for registration ranges between 83 and 133 msec. Moreover, at the peer side, the bandwidth utilisation increases from 500 to 700 kB. Overall, both these numbers can be characterised as absolutely tolerable. On the other hand, the bandwidth consumed by the ordering service demonstrates a significant augmentation among the different TPS values, reaching ≈6000 kB in the most demanding case.

CPU and memory utilisation for registering new vaccination certificates under different traffic conditions per service are illustrated in Figures 3 and 4. Particularly, considering the worst case, CPU and memory utilisation for the peer services remain under 4 and 35%, respectively, while the ordering services’ utilisation is under 17 and 7%. In any case, these requirements for both services are

[Figure 6 plot: Memory (%) versus transactions per second (1, 2, 4, 8, 16, 28, 50, 100) for the CouchDB, Peer, Smart contract, REST, ZooKeeper, Orderer, and Kafka services.]

Figure 6: Dockerised services’ memory utilisation considering different TPS for verifying vaccination certificates in a blockchain system.

manageable. It is also perceived that, when TPS increases from 8 to 16 and above, memory utilisation for the peer services starts to decrease. This can be explained by the fact that, along with TPS, the response time augments, having transactions submitted to the system at a lower rate. Interestingly and also on the positive side, CPU utilisation for the smart contract remains almost constant under different TPS, consuming less than 1% of the available CPU cycles. Overall, the registration process is more demanding in terms of CPU on the orderer and secondly on the Kafka services, while in terms of memory on the peer service.

Regarding vaccination certificate verification, we used data from Eurostat to calculate realistic requirements in terms of TPS. Specifically, we calculated the total number of air, marine, rail, and bus passengers for 2018, which is the latest year with data for all these categories. As verification transaction requests are forwarded to the national node of each MS, we consider the worst case, that is, the MS with the highest combined number of passengers in one year (3.2 billion); this gives us ≈100 TPS. Regarding the search operation, the worst case scenario is again followed; that is, the correct record is the last one. Similar to vaccination registration, the response time increases proportionally to the number of TPS, demonstrating a similar pattern. Overall, with reference to Table 2, the response time and bandwidth utilisation at a MS blockchain node fluctuate between 91 and 189 msec and 394 and 804 kB, respectively. However, for ordering, the utilised network bandwidth reaches up to 12,109 kB.

Figures 5 and 6 depict CPU and memory utilisation for vaccination certificate verification per blockchain service. As observed, CPU utilisation for both the peer and REST services increases proportionally to TPS, while it is relatively stable for CouchDB and smart contract. The orderer service initially increases and then stabilises, while the Kafka service fluctuates between 6 and 16%. However, in all cases, the CPU load remains under 18%.

As expected and similar to registration, memory usage for the peer service ranges between ≈14% and 35%, demonstrating that it is memory intensive. For the rest of the services, memory requirements are low, that is, under 8%. In summary, the verification process is more demanding in terms of CPU on the ordering services, while in terms of memory on the peer service.

7. Conclusions

The work at hand sheds light on the timely and intriguing issue of managing digital vaccination certificates on a large scale. After arguing that under the prism of COVID-19 and future epidemics, this need is rather a sine qua non, we specifically attempt to answer two key questions: how such an endeavour can be realistically organised with a focus on reducing complexity, and if so, would it be smooth-running under pragmatic conditions or even stress in terms of performance? For the first matter, we scrutinised an envisaged wide-scale deployment capable of covering the needs of EU-27 and elaborated on a practical vaccination certificate scenario. For the second, we relied on the EPIC platform.

Specifically, based on the performance results obtained, including scalability aspects and challenges for the deployment of such a platform, it is demonstrated that, for both registration and verification operations, the system achieves
satisfactory results even under stress. This strongly suggests that even a network decreased by one order of magnitude (100 Mbps) would be more than enough. Regarding CPU requirements, the ordering nodes need to be more powerful than MS ones, while the peer nodes necessitate more memory. Also, it is shown that, at least in a setup similar to our testbed, 100 TPS is the boundary, considering that above this limit, the system is saturated, producing errors and experiencing inconsistencies. This indicates that in the most populated European countries, the MS node specifications should be carefully devised to support such a large number of TPS or even greater, if necessary.

Future work will concentrate more on the security, privacy, and ethical aspects associated with the registration and verification process of digital vaccination certificates. Also, an appealing direction is to investigate if this kind of platform could cater for the needs of the vaccine supply chain, ensuring efficient vaccine warehousing, handling, and stock administration.

Data Availability

The data used to support the findings of this study are included within the article.

Disclosure

A preliminary version of this paper can be found at [46].

Conflicts of Interest

The authors declare that there is no conflict of interest regarding the publication of this paper.

References

[1] World Health Organization (WHO), Timeline of WHO’s Response to COVID-19, 2020, https://www.who.int/news/item/29-06-2020-covidtimeline.
[2] OECD Economic Outlook, Interim Report September 2020, OECD, 2020.
[3] T. Martin, G. Karopoulos, J. L. Hernández-Ramos, G. Kambourakis, and I. N. Fovino, “Demystifying COVID-19 digital contact tracing: a survey on frameworks and mobile apps,” Wireless Communications and Mobile Computing, vol. 2020, 29 pages, 2020.
[4] V. Kouliaridis, G. Kambourakis, E. Chatzoglou, G. Dimitrios, and H. Wang, “Dissecting contact tracing apps in the android platform,” PLoS ONE, vol. 16, no. 5, p. e0251867, 2021.
[5] World Health Organization, “Draft landscape and tracker of COVID-19 candidate vaccines,” WHO, 2021, https://www.who.int/publications/m/item/draft-landscape-of-covid-19-candidate-vaccines.
[6] DHL, DHL White Paper-Delivering Pandemic Resilience-How to Secure Stable Supply Chains for Vaccines and Medical Goods during the COVID-19 Crisis and Future Health Emergencies, 2020, https://www.dhl.com/content/dam/dhl/global/core/documents/pdf/glo-core-delivering-pandemic-resilience-2020.pdf.
duction, affordability, allocation, and deployment,” The Lancet, vol. 397, no. 10278, pp. 1023–1034, 2021.
[8] Tracking COVID-19 Vaccinations Worldwide, https://edition.cnn.com/interactive/2021/health/global-covid-vaccinations/.
[9] N. Phillips, “The coronavirus is here to stay — here’s what that means,” Nature, vol. 590, no. 7846, pp. 382–384, 2021.
[10] D. Gruener, Immunity Certificates: If We Must Have Them, We Must Do It Right, 2020.
[11] A. Kalla, T. Hewa, R. A. Mishra, M. Ylianttila, and M. Liyanage, “The role of blockchain to fight against COVID-19,” IEEE Engineering Management Review, vol. 48, no. 3, pp. 85–96, 2020.
[12] A. A. Abd-alrazaq, M. Alajlani, D. Alhuwail et al., “Blockchain technologies to mitigate COVID-19 challenges: a scoping review,” Computer Methods and Programs in Biomedicine Update, vol. 1, 2020.
[13] J. V. Lazarus, S. C. Ratzan, A. Palayew et al., “A global survey of potential acceptance of a COVID-19 vaccine,” Nature Medicine, vol. 27, no. 2, 2021.
[14] A. Abid, S. Cheikhrouhou, S. Kallel, and M. Jmaiel, “Novidchain: blockchain-based privacy-preserving platform for COVID-19 test/-vaccine certificates,” Software: Practice and Experience, 2021.
[15] M. Eisenstadt, M. Ramachandran, N. Chowdhury, A. Third, and J. Domingue, “COVID-19 antibody test/vaccination certification: there's an app for That,” IEEE Open Journal of Engineering in Medicine and Biology, vol. 1, pp. 148–155, 2020.
[16] H. R. Hasan, K. Salah, R. Jayaraman et al., “Blockchain-based solution for COVID-19 digital medical passports and immunity certificates,” IEEE Access, vol. 8, pp. 222093–222108, 2020.
[17] C. Hicks, D. Butler, C. Maple, and J. Crowcroft, “SecureABC: secure antibody certificates for COVID-19,” 2020.
[18] L. Alexandra, “COVID-19 immunity passports and vaccination certificates: scientific, equitable, and legal challenges,” The Lancet, vol. 395, no. 10237, pp. 1595–1598, 2020.
[19] S. Chaudhari, M. Clear, and H. Tewari, “Framework for a DLT based COVID-19 passport,” in Intelligent Computing. Lecture Notes in Networks and Systems, K. Arai, Ed., vol. 285, Springer, Cham, 2021.
[20] C. M. Angelopoulos, A. Damianou, and V. Katos, “DHP framework: digital health passports using blockchain-use case on international tourism during the COVID-19 pandemic,” 2020, http://arxiv.org/abs/2005.08922.
[21] A. Bansal, C. Garg, and R. P. Padappayil, “Optimizing the implementation of COVID-19 immunity certificates using blockchain,” Journal of Medical Systems, vol. 44, no. 9, p. 140, 2020.
[22] World Wide Web Consortium (W3C), “Verifiable credentials data model 1.0,” 2019, https://www.w3.org/TR/vc-data-model/.
[23] A. V. Sambra, E. Mansour, S. Hawke et al., “Solid: a platform for decentralized social applications based on linked data,” MIT CSAIL & Qatar Computing Research Institute, Tech. Rep., 2016.
[24] G. Wood, “Ethereum: a secure decentralised generalised transaction ledger,” Ethereum project yellow paper, vol. 151, 2014.
[25] C. Lundkvist, R. Heck, J. Torstensson, Z. Mitton, and M. Sena, “Uport: a platform for self-sovereign identity,” 2017, https://
 [7] O. J. Wouters, K. C. Shadlen, M. Salcher-Konrad et al., “Chal-          whitepaper.uport.me/uPort_whitepaper_DRAFT20170221
     lenges in ensuring global access to COVID-19 vaccines: pro-             .pdf.
12                                                                                   Wireless Communications and Mobile Computing

[26] World Wide Web Consortium (W3C), “Decentralized identi-                    experimentation,” in In Proceedings of the Second ACM Work-
     fiers (dids) v1.0- core architecture, data model, and representa-           shop on Moving Target Defense, MTD 15, pp. 43–47, New
     tions,” 2021, https://www.w3.org/TR/did-core/.                             York, NY, USA, 2015.
[27] European Commission, “Communication from the Commis-                  [44] K. E. Stewart, J. W. Humphries, and T. R. Andel, “Developing a
     sion to the European Parliament and the Council-                           virtualization platform for courses in networking, systems
     preparedness for COVID-19 vaccination strategies and vac-                  administration and cyber security education,” in in Proceed-
     cine deployment,” 2020, https://ec.europa.eu/health/sites/                 ings of the 2009 Spring Simulation Multiconference, ser, Spring-
     health/files/vaccination/docs/2020_strategies_deployment_en                 Sim ‘09. San Diego, CA, USA: Society for Computer
     .pdf.                                                                      Simulation International, 2009.
[28] D. Marbouh, T. Abbasi, F. Maasmi et al., “Blockchain for              [45] Eurostat, “Population and population change statistics 2021,”
     COVID-19: review, opportunities and a trusted tracking sys-                2021, https://ec.europa.eu/eurostat/statistics-explained/index
     tem,” 2020, https://www.techrxiv.org/articles/preprint/                    .php?title=Population_and_population_change_statistics.
     Blockchain_for_COVID-19_Review_Opportunites_and_a_                    [46] J. L. Hernández-Ramos, G. Karopoulos, D. Geneiatakis,
     Trusted_Tracking_System/12609344.                                           T. Martin, G. Kambourakis, and I. N. Fovino, “Sharing pan-
[29] A. Musamih, R. Jayaraman, K. Salah, H. Hasan, I. Yaqoob, and                demic vaccination certificates through blockchain: case study
     Y. Al-Hammadi, “Blockchain-based solution for distribution                  and performance evaluation,” 2021, http://arxiv.org/abs/2101
     and delivery of COVID-19 vaccines,” IEEE Access, 2021.                      .04575.
[30] M. Chang and D. Park, “How can blockchain help people in
     the event of pandemics such as the COVID-19?,” Journal of
     Medical Systems, vol. 44, no. 5, p. 102, 2020.
[31] D. Nguyen, M. Ding, P. N. Pathirana, and A. Seneviratne,
     “Blockchain and AI-based solutions to combat coronavirus
     (COVID-19)-like epidemics: a survey,” TechRxiv Preprint,
     vol. 4, 2020.
[32] European Commission, “Proposal for a Regulation of the
     European Parliament and of the Council on a framework for
     the issuance, verification and acceptance of interoperable cer-
     tificates on vaccination, testing and recovery to facilitate free
     movement during the COVID-19 pandemic (Digital Green
     Certificate),” 2021, https://eur-lex.europa.eu/legal-content/
     EN/TXT/?uri=CELEX%3A52021PC0130.
[33] EHealth Network, “Guidelines on verifiable vaccination certif-
     icates - basic interoperability elements release 2,” 2021, https://
     ec.europa.eu/health/sites/default/files/ehealth/docs/
     vaccination-proof_interoperability-guidelines_en.pdf.
[34] Smart Vaccination Certificate Working Grouphttps://www
     .who.int/groups/smart-vaccination-certificate-working-
     group.
[35] IATA Travel Pass Initiativehttps://www.iata.org/en/programs/
     passenger/travel-pass/.
[36] Certify.healthhttps://eithealth.eu/project/certify-health/.
[37] COVID-19 Credentials Initiativehttps://www.covidcreds.org/.
[38] J. Benet, IPFS - Content Addressed, Versioned, P2P File System,
     CoRR, 2014, http://arxiv.org/abs/1407.3561.
[39] C. Siaterlis, B. Genge, and M. Hohenadel, “EPIC: a testbed for
     scientifically rigorous cyber-physical security experimenta-
     tion,” IEEE Transactions on Emerging Topics in Computing,
     vol. 1, no. 2, pp. 319–330, 2013.
[40] J. Mirkovic, T. V. Benzel, T. Faber, R. Braden, J. T. Wroclawski,
     and S. Schwab, “The DETER Project: advancing the science of
     cyber security experimentation and test,” in In 2010 IEEE
     International Conference on Technologies for Homeland Secu-
     rity (HST), pp. 1–7, 2010.
[41] T. Benzel, “The science of cyber security experimentation: the
     DETER Project,” in In 27th Annual Computer Security Appli-
     cations Conference, 2011.
[42] C. M. Davis, J. E. Tate, H. Okhravi, C. Grier, T. J. Overbye, and
     D. Nicol, “Scada cyber security testbed development,” in In 2006
     38th north American power symposium, pp. 483–488, 2006.
[43] T. C. Eskridge, M. M. Carvalho, E. Stoner, T. Toggweiler, and
     A. Granados, “Vine: a cyber emulation environment for MTD
You can also read